The first phase of ‘GDPR-live’ has shone a new spotlight on security vulnerabilities affecting online payment processes in e-commerce. Recent news stories reveal that a threat actor known as ‘Magecart’ has featured in a series of suspected major personal data breach cases. / read more

One of the fallouts from the recent significant data breach at consumer credit reporting agency Equifax has been that a spotlight has been placed on the implications from a cyber security perspective of using open source software, since the attack leading to the Equifax breach was achieved through a vulnerability in the Apache Struts open source web framework, enabling the perpetrators to access the databases that sit behind Equifax’s website. Chris Pace, Technology Advocate at threat intelligence provider Recorded Future, explores in this article why many organisations use open source software and how such software may be exploited, and explains what organisations can do to lessen the risks. / read more

Following the cyber attack on Tesco Bank in November 2016, it has been alleged that use of sequential card numbers on Tesco Bank’s debit cards might have left users more vulnerable to the attack, according to a Financial Times report on 11 December 2016. / read more